Cyberattacks are increasing by the day, and to protect and defend themselves, companies and organizations need a robust security system that is technologically equipped to handle intensive cyberattacks, especially in this day and age, when incidents like the Colonial Pipeline incident are possible.
Having said that, Microsoft has recently announced that it defended itself from a massive DDoS attack that could have impacted Microsoft Azure cloud users in Europe. Distributed Denial of Service (DDoS) attacks happen every now and then, and technology companies and technologically advanced organizations are well aware of them. These attacks are growing bigger and bigger, and the one that hit Microsoft measured a massive 2.4 terabits per second (Tbps). As mentioned in a report by ZDNet, this was the biggest DDoS attack that Microsoft has ever defended itself from.
However, it is not the first time that a DDoS attack has targeted Microsoft. Back in 2020, Microsoft defended against a 1 Tbps DDoS attack, and according to Microsoft, it was the highest network volumetric event previously detected on the Microsoft Azure cloud computing platform.
The recent attack, however, was difficult for Microsoft to track, simply because of its sheer volume and the fact that it came from around 70,000 sources. The attack is said to have been orchestrated from multiple regions, including Japan, China, Vietnam, the United States, Taiwan and Malaysia.
Microsoft is unusually silent on the matter and is giving only the necessary information about the attack. What we know from sources, as of now, is that the attack came in the form of short-lived bursts that lasted for 10 minutes. Each of these bursts ramped up in seconds to terabit volumes, as mentioned in a report by ZDNet. The three peaks were recorded at 2.4 Tbps, 0.55 Tbps and 1.7 Tbps, respectively. The technical report further claims that the attack vector was a User Datagram Protocol (UDP) reflection attack.
Now, in simple terms, UDP is a stateless protocol: a server that receives a UDP request has no handshake with which to verify the source IP address on the packet. In a reflection attack, the requests carry a spoofed source address, that of the target, so the servers' responses are reflected to the target's IP address instead of going back to the real sender.
Microsoft’s systems are advanced enough to tackle DDoS attacks like this, and as per the reports, Azure’s DDoS control plane logic kicks in when it detects a potential attack building up around its network. It then bypasses the normal detection steps and triggers mitigation directly, which shortens the time to mitigation and prevents collateral damage from such heavy-duty attacks.
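A defender can look for the pattern described above (short bursts of UDP responses arriving from many sources) in flow records. The sketch below is an added example, not Microsoft's or Azure's logic; the flow-record layout, the thresholds, the reflector port list and the sample records are assumptions made for illustration.

```python
from collections import defaultdict

# Assumption: UDP services often abused as reflectors; the page names none.
REFLECTOR_PORTS = {53, 123, 1900, 11211}  # DNS, NTP, SSDP, memcached

def detect_reflection_bursts(flows, window=10, min_sources=50, min_bps=1_000_000):
    """flows: (ts, src_ip, dst_ip, proto, src_port, nbytes) tuples.
    Returns one dict per burst: dst, start, end, peak_bps, sources."""
    buckets = defaultdict(lambda: [0, set()])          # (dst, slot) -> [bytes, sources]
    for ts, src, dst, proto, sport, nbytes in flows:
        # Reflected packets are service *responses*: UDP with a service source port.
        if proto == "udp" and sport in REFLECTOR_PORTS:
            bucket = buckets[(dst, int(ts) // window)]
            bucket[0] += nbytes
            bucket[1].add(src)
    bursts, last = [], {}                               # last: dst -> (slot, burst)
    for (dst, slot), (nbytes, srcs) in sorted(buckets.items()):
        bps = nbytes * 8 / window
        if len(srcs) < min_sources or bps < min_bps:
            continue                                    # not wide or loud enough
        prev = last.get(dst)
        if prev and prev[0] == slot - 1:                # adjacent window: same burst
            burst = prev[1]
            burst["end"] = (slot + 1) * window
            burst["peak_bps"] = max(burst["peak_bps"], bps)
            burst["_srcs"] |= srcs
        else:
            burst = {"dst": dst, "start": slot * window, "end": (slot + 1) * window,
                     "peak_bps": bps, "_srcs": set(srcs)}
            bursts.append(burst)
        last[dst] = (slot, burst)
    for burst in bursts:
        burst["sources"] = len(burst.pop("_srcs"))
    return bursts

def sample_flows():
    """Constructed flow records (documentation address ranges), not real data."""
    victim, flows = "203.0.113.10", []
    for t in range(0, 300, 5):                          # ordinary background traffic
        flows.append((t, "192.0.2.53", "203.0.113.20", "udp", 53, 120))
        flows.append((t, "192.0.2.80", victim, "tcp", 443, 900))
    for t in range(100, 120):                           # 20 s burst, 100 NTP reflectors
        flows += [(t, f"198.51.100.{i + 1}", victim, "udp", 123, 1400) for i in range(100)]
    for t in range(200, 210):                           # 10 s burst, 80 memcached reflectors
        flows += [(t, f"198.51.100.{i + 101}", victim, "udp", 11211, 2800) for i in range(80)]
    return flows

if __name__ == "__main__":
    for b in detect_reflection_bursts(sample_flows()):
        print(b)
```

Requiring both a high distinct-source count and a high bit rate per window keeps a single busy resolver or one large transfer from being flagged as a reflection burst.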